From 7b6c335b729a46399b8106376f572aa331d72e1f Mon Sep 17 00:00:00 2001
From: Vacha Shah <vachshah@amazon.com>
Date: Mon, 27 Jun 2022 10:54:04 -0700
Subject: [PATCH] Use safe_load instead of load for yaml (#77)

Signed-off-by: Vacha Shah <vachshah@amazon.com>
---
 opensearch/lib/opensearch.rb | 2 +-
 profile/benchmarking.rb      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/opensearch/lib/opensearch.rb b/opensearch/lib/opensearch.rb
index 81242b558..6cc1bbd6d 100644
--- a/opensearch/lib/opensearch.rb
+++ b/opensearch/lib/opensearch.rb
@@ -65,7 +65,7 @@ def verify_open_search
 
       body = if response.headers['content-type'] == 'application/yaml'
                require 'yaml'
-               YAML.load(response.body)
+               YAML.safe_load(response.body)
              else
                response.body
              end
diff --git a/profile/benchmarking.rb b/profile/benchmarking.rb
index 8193fba40..9f748d13a 100644
--- a/profile/benchmarking.rb
+++ b/profile/benchmarking.rb
@@ -79,7 +79,7 @@ module Benchmarking
     def each_run(file)
       if file
         file = File.new(file)
-        matrix = YAML.load(ERB.new(file.read).result)
+        matrix = YAML.safe_load(ERB.new(file.read).result)
         file.close
 
         matrix.each_with_index do |run, i|